A command-line tool implemented in Go to test for DNS leaks and DNS rebinding vulnerabilities.
This tool performs a comprehensive BigDig DNS leak test, checking which DNS servers are actually resolving your requests. It can also perform a specific test for DNS rebinding vulnerabilities.
- DNS Leak Test: Verifies which DNS servers are handling your queries by making requests to unique subdomains.
- DNS Rebinding Test: Checks for rebinding vulnerabilities by performing periodic requests over a wait period (skipped in
shortmode). - Client IP Detection: Fetches and displays client IP information.
- Cross-Platform: Ready-to-build for Linux, Windows, and macOS.
You need Go installed to build this project.
The project includes a Makefile to simplify the build process.
To build binaries for all supported platforms (Linux, Windows, macOS):
make buildThe binaries will be created in the build/ directory:
dnsleaktest-linux-amd64dnsleaktest-linux-arm64dnsleaktest-darwin-amd64dnsleaktest-darwin-arm64dnsleaktest.exe(Windows)
To clean build artifacts:
make cleanTo install the binary to /usr/local/bin/ (Linux amd64 only):
sudo make installNote: Ensure you run
make buildbefore installing, as the install command copies the compiled binary from thebuild/directory.
Run the compiled binary for your platform.
./build/dnsleaktest-linux-amd64 [flags]-short: Run a short test. This only checks for DNS leaks and skips the longer DNS rebinding phase.-version: Print version information and exit.
Run a full test (Leak + Rebinding):
./dnsleaktestNote: The full test includes a waiting period (approx. 70 seconds) to detect rebinding attempts.
Run a short test (Leak only):
./dnsleaktest -shortMIT License. See LICENSE file for details.